PkgRadar

Package evidence

@mockholm/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
22
Versions published
6
First published
Mar 2026
Publisher
mockholm

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@mockholm/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@mockholm/[email protected]"],"fail_on":"review"}'
Publishermockholm
Artifact bytes254,907
Previous version1.0.5
Published2026-05-30T09:15:27.074Z
SHA-2562784fe0292360ed6b74136b646b3dd3390d976c03f8b0ed5f00984bec39e5152

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
1.0.6Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts48
  • azdo:create-test-resultts-node src/index.ts azdo create-test-result
  • azdo:create-work-itemts-node src/index.ts azdo create-work-item
  • buildtsc
  • daemon:autorunts-node src/index.ts daemon autorun
  • daemon:healthts-node src/index.ts daemon health
  • daemon:logts-node src/index.ts daemon log
  • daemon:pingts-node src/index.ts daemon ping
  • daemon:startts-node src/index.ts daemon start
  • daemon:startedts-node src/index.ts daemon started
  • daemon:statusts-node src/index.ts daemon status
  • daemon:stopts-node src/index.ts daemon stop
  • devts-node src/index.ts
  • docker:api-scants-node src/index.ts docker api-scan
  • docker:automatets-node src/index.ts docker automate
  • docker:autorunts-node src/index.ts docker autorun
  • docker:baseline-scants-node src/index.ts docker baseline-scan
  • docker:full-scants-node src/index.ts docker full-scan
  • docker:get-docker-logts-node src/index.ts docker get-docker-log
  • docker:pullts-node src/index.ts docker pull
  • docker:start-daemonts-node src/index.ts docker start-daemon
  • docker:stop-daemonts-node src/index.ts docker stop-daemon
  • startts-node src/index.ts
  • typechecktsc --noEmit
  • utils:create-excel-reportts-node src/index.ts utils create-excel-report
  • utils:create-junit-resultsts-node src/index.ts utils create-junit-results
  • utils:get-logsts-node src/index.ts utils get-logs
  • utils:get-pdfts-node src/index.ts utils get-pdf
  • zap:active-scants-node src/index.ts zap active-scan
  • zap:ajax-scants-node src/index.ts zap ajax-scan
  • zap:api-scants-node src/index.ts zap api-scan
  • …and 18 more.
Dependencies16
  • @iarna/toml^2.2.5
  • @types/dockerode^4.0.1
  • axios^1.6.0
  • chalk^5.6.2
  • cli-progress^3.12.0
  • dockerode^4.0.10
  • dotenv^16.3.1
  • form-data^4.0.0
  • fs-extra^11.3.4
  • playwright^1.58.2
  • pm2^6.0.14
  • winston^3.19.0
  • xlsx^0.18.5
  • yaml^2.3.4
  • yargs^17.7.2
  • zap-cdk^0.0.11